Topic: Samsung S10 crypto wallet - page 2. (Read 1176 times)

That's one way to pump a coin.

Samsung still shared some details about its cryptograph on MWC. Galaxy S10 supports Bitcoin, Ethereum, Enjin and Cosmo Coin. The latter is a small Korean project for the purchase of cosmetics.

Enjin wallet appears to be the official reference wallet for Enjin Coin as both are developed by the same team. The way I understand it ENJ strives to tokenize digital ingame-assets so I assume that's what the wallet enables -- ie. exchanging ingame-assets between players and maybe even across games. Which is also why it makes sense to target the mobile market in particular. It sounds nice in theory but I'm honestly not quite sure what to make of it.



Now that's the 21 million Bitcoin question, isn't it?

Wow, you weren't kidding. From 3.6 cents to 10 cents in 24 hours. Especially considering it's had 24 hour volumes as low as $200,000 over the last few weeks. Some bag holders just had a very nice surprise.

I've never heard of the coin or the wallet - are they intrinsically linked? Does the wallet use the coin for anything in particular? Does Samsung using this wallet mean the coin is going to see more use, or is this pump all just "jumping on the bandwagon", as it were?

The market already reacted to this news, Enjin Coin just made a huge jump. Not bad for a vaguely known alt, if that's really happening it looks like they got a pretty good deal.



Which would put them at the security level of regular desktop and mobile wallets, but not hardware wallets. But yes, we'll see. Definitely worth keeping an eye on regardless.

https://www.cryptoglobe.com/latest/2019/02/samsung-galaxy-s10-reportedly-supporting-btc-eth-and-ltc-via-enjin-crypto-wallet/

It says there that it's the Enjin crypto wallet that Samsung has preinstalled. I've never head of it myself but it's had good reviews in other incarnations.

https://enjinwallet.io

It's very unlikely they're storing the plain private keys... Maybe the encrypted wallet file or such... But maybe you're right, and that's definitely going to get a lot of people to try and reverse engineer their way to get to them. But at this point it's just speculation until the phone is out. We can only wait and see.

Keep in mind that being able to back up private keys to cloud services implies that there's a way to access the stored private keys at the software level. Accordingly the private key storage may be exploitable regardless of whether a user opts-out of the cloud service backup or not. That's an attack vector that does not exist for the current generation of hardware wallets (at least the most popular ones).

Don't get me wrong, this is huge news for adoption. But assuming Samsung officially communicates a level of security akin to established hardware wallets we are looking at a potential security mess in the making.

But we'll see, I guess. For all we know this might all be a dud with them merely supporting their own Samsung-ERC20-token.

How a crypto wallet is 'supposed' to operate is still to play for. It's early in the game and the current way things operate might be fine for the weirdos like us who've been here forever. Not so for the rest yet to come.

I'm not sure how Samsung can impress on people what can go wrong while still maintaining painlessness.

Presumably at some point they're going to issue some press releases about this. Then we may get a sense of how they arrived at this apparent set up.

Exactly. The most probable course of action they're going to take is to let advanced users choose whether to back up their keys on the cloud or not, and for less knowledgable users, well, why not give them a "technically" less secure option as their data could theoretically be accessed by a third party online, but considering they're very likely to mess up and lose their keys otherwise, it's probably the most secure option for them.

Either way this could trigger a pretty big chain reaction if the target customer-base decides to embrace crypto and have it go viral.

Don't get me wrong - I'm obviously pretty excited that they have a built in crypto wallet, and yes, this might pique the interest of quite a few people who would otherwise never have heard of crypto or never have bothered to look in to it seriously. I'm just disappointed that they are doing it in this way.

As you say, this will be many people's first exposure to a crypto wallet, and so teaching them that cloud storage back-ups protected by a simple 8 character password is a good idea is, well, a bad idea. They could quite easily have offered a wallet with no such feature. I suspect the reason they are doing it is for their own safety, rather than their customers' - I'm sure they know how careless the average person is, and they don't want to have to deal with all that bad press of people losing their coins forever and blaming it on Samsung.

It might be an opt-in. It already is for all Cloud services available for Samsung. If some users feel too insecure or like having some backup for their own clumsiness, why not..

I'm honestly a bit sad about the whole skepticism from most of the community here and on reddit. Like.. guys, it's either this, or NO crypto wallet built-into a phone purchased by millions.. The crushing majority of the people who are going to buy/pre-order the S10 haven't and would have probably never even considered touching crypto. This is one of the biggest leaps towards mass adoption I have seen in years..

I kinda got excited by Samsung starting to provide secure hardware elements which would make for other interesting use cases outside of crypto-currencies as well (eg. 2FA), alas...


Dagnabbit!

Obviously you need some way to enable private key backups but cloud storage is one of the most unfortunate ways to do it and leads the whole idea of secure key storage at absurdum.

Just leave it here.

I'd love to know how much research they put into it and who and what advised them. Perhaps it's dripping with disclaimers and tutorials. We'll have to wait for a non Korean who knows their stuff to have a look.

So just like Coinbase's new wallet feature, it's all backed up to a cloud server, protected by a simple user defined (and therefore horrendously weak in >95% of cases) password. Absolutely awful.

If this is true, then this is worse than just installing a normal software wallet like Coinomi on your phone. At least with a software wallet, you phone actually has to be stolen or compromised first. With a cloud back up, your keys and coins could be gone while you sleep. I don't have a Samsung account, but what are the recovery methods? If someone hacks your email, or convinces your phone company to transfer your number (happens way more than you would think), then presumably they can just reset your Samsung account password and then use that to get your private keys?

I'm disappointed to say the least.

https://www.coindesk.com/hands-on-preview-of-samsungs-galaxy-s10-phone-reveals-new-crypto-details

More of a preview here. The security set up doesn't sound like what we all know and love. It's looking like a pass to me.


'The S10 allows users to store private keys either in the secure enclave or via a third-party service, the terms indicate.

But what do you do about your private keys if you lose your phone? According to the T&Cs, the private keys stored in the S10’s Keystore are backed up in a personal account provided by Samsung. If the phone is lost or stolen, users can access the device and delete the private key through its Find My Mobile service. Further, if a private key is accidentally deleted, users can restore it via the service.

Centralizing key storage in this way is bound to raise questions about security and it remains to be seen what would happen if someone gained access to your Find My Mobile service and if Samsung might provide further protections.'

I don't understand what you mean. Source?

If you're talking about Android versions, it's simply because older smartphones can't run new android versions. This is a hardware limitation.

But saying you don't trust Samsung "to stay on top of how manic crypto is" is just naive. Forget crypto, do you even know how much data they have on their hands?

Every samsung phone comes with extra drivers, features & settings, themes and software specific to samsung. Samsung Knox which existed for years now is their solution for encrypting data, which is the one that will include the crypto wallets. Every Samsung phone gives you access to creating a Samsung account, where your data becomes linked to. This could include your media, applications, and probably usage statistics and creepy tracking data. And don't even get me started on software like Samsung Pay, Samsung VR, and things like linking your phone to your Samsung TV and similar proprietary solutions.

The amount of codebase AND data that Samsung has to maintain is way larger than any "blockchain developer" out there. Even the amount of users is probably tens to a hundred times more.

"You have nodes, maintenance, keeping on top of forks, upgrades. If I were them I'd much rather leave the actual operation to other parties who are interested in doing it." This sounds like sarcasm more than anything. Samsung could hire a single senior dev that worked on blockchain and within 6 months probably come up with their own crypto coded from scratch. And you're telling me that they're going to have a hard time maintaining a crypto wallet? What?

Hello, Samsung CEO.

Considering how happy Samsung are to abandon upgrading the OS of most of their devices, the core system that makes it all possible where vulnerabilities could pop up at any moment, then I would not trust them to stay on top of how manic crypto is.

What parties? You're SERIOUSLY SERIOUSLY undetmining the workforce of samsung. Theg're a multimillion dollar company that have to work on massive codebases constantly to come up with improvements. They know Android and linux like the back of their pockets, and on every new phone come up with new software to remain competitive. Who exactly are you nominating here as "other parties"? Almost all wallets are open source projects maintained by a group of fanatics that definitely know what they're doing, but probably never witnessed even near the amount of stress and competition as the smartphone market.


Ledger and Trezor dont only worry about firmware, they're hardware wallets. Standalone chips which JOB is to be as secure as possible against a multitude of attack vectors. This samsung wallet is the equivalent of installing electrum on your linux. Android is the OS, and the rest is just software. Anyone can build it, and all it has to do is its function.